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ABSTRACT 

DoD has become increasingly dependent upon storing its sensitive informa- 
tion in electronic form and has a deep concern for the integrity and privacy of 
this valuable information. In the recent aftermath of numerous electronic 
break-ins, the DoD continues to express anxiety over technically weak system 
administrators’ inability to protect sensitive electronic information. 

The solution to minimizing these electronic intmsions and bolstering 
computer security in DoD is to educate military officers and federal civilians 
in the methods of computer security. This can be accomplished by integrating 
concepts and problem solving techniques related to computer security into the 
Information Technology Management (370) Curriculum at the Naval 
Postgraduate School. 
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I. INTRODUCTION 



A. RATIONALE AND PURPOSE OF THESIS 

In 1986, Cliff Stoll, an astronomer-tumed-system administrator at 
Lawrence Berkeley Laboratory, attracted international attention by tracing a 
75 cent computer system accounting error to a West German hacker stealing 
military documents and selling them to the KGB. Although the hacker was not 
a brilliant programmer, he was persistent. By exploiting security deficiencies 
in operating systems, lax password security, and poor system management, 
the hacker managed to attack over 450 computers attached to MILNET, 
successfully penetrating 30. The hacker persistently attacked computers 
located at military bases, defense contractors, and universities, searching files 
for keywords like KH-1 1, SDI, and NUCLEAR. [Ref. 1] 

On the evening of November 2, 1988, Robert T. Morris, a Cornell 
graduate student unleashed a worm on the Internet. Within hours 
approximately 3,000 Sun and VAX workstations running variants of the 
Berkeley Standard Distribution 4.3 UNIX operating system fell victim to the 
worm. Although the worm, innocuous in the sense that it did not destroy files 
or alter information, did however propagate uncontrollably, overwhelming 
system resources. [Ref. 2] 

Between April 1990 and May 1991, foreign hackers penetrated 34 
Department of Defense (DoD) computers including one system that directly 
supported Operation Desert Shield / Storm. The hackers gained access to 
sensitive military computers by exploiting well known flaws in operating 
systems, weaknesses in the Trivial File Transfer Protocol (TFTP) and 
accounts with easily guessed passwords. [Ref. 3] 
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DoD has become increasingly dependent upon storing its “sensitive 
information” in electronic form and naturally there is a deep concern for the 
integrity and privacy of this valuable information. In the aftermath of 
numerous electronic intmsions, many questions have been raised regarding 
the lack of computer security and the abundance of computer system 
vulnerabilities. 

One predominate factor linked to these “electronic break-ins” is 
system administrators who are not formally educated in computer 
security. Although highly publicized stories of “electronic break-ins”, 
worms, and viruses have made some system administrators more security 
conscious, awareness of the problem is not enough. [Ref. 4] 

The phenomenon of widespread electronic intmsion is very 
recent. It is made possible by the proliferation of personal 
computers and their connection to electronic networks. Although 
technically sophisticated, intmsions are always the acts of human 
beings. Intmsions can be controlled by a combination of 
technical safeguards — a sort of network immune system — and 
hygienic procedures for using computers. But they cannot be 
eliminated. 

It would seem that some straightforward technological fixes 
would greatly reduce future threats. But technological fixes are 
not the final answer; they are valid only until someone launches 
a new kind of attack. [Ref. 5] 

The solution to minimizing these electronic intmsions and bolstering 
computer security in DoD is to educate military officers and federal civilians 
in the methods of computer security. This can be accomplished by integrating 
concepts and problem solving techniques related to computer security into the 
Information Technology Management (370) Curriculum at the Naval 
Postgraduate School. 
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The following describes DoD’s anxiety about system administrators' 
inability to safeguard electronic information, and proposes several cost 
efficient avenues to enhance the training of computer security in the 
Information Technology Management (370) Curriculum. This thesis will also 
serve as a computer security reference vehicle to facilitate faculty members in 
modifying their courses to encompass relevant security issues. 

B. SUMMARY OF CONTENTS 

This thesis contains seven chapters and three appendices, the following is 
a summary of the contents: 

Chapter I Introduction acquaints the reader with three highly 
publicized electronic break-ins and highlights DoD’s anxiety about 
technically weak system administrators’ inability to protect sensitive 
electronic information. 

Chapter II Computer Security and DoD briefly describes what 
computer security is and what it entails. Introduces two U.S. Government 
Accounting Office (GAO) perceptions of system administrators, the current 
“local” computer security climate, and the need for computer security 
professionals. 

Chapter III Cultivating Computer Security in DoD describes laws, 
acts, and technical publications that directly impact computer security within 
DoD. Proposes modifying an academic program at the Naval Postgraduate 
School to ameliorate DoD’s computer security problems. 

Chapter IV Analysis Methods describes the procedures and resources 
used in this thesis. 
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Chapter V Summary of Findings summarizes the thesis research 
findings and the strengths and weaknesses of the current 370 Curriculum. 

Chapter VI Recommendations describes in detail seven 
recommendations for improving computer security. 

Chapter VII Conclusion; opinions. 

Appendix A Information Systems Courses reflects the comparison of IS 

courses with the (ISC) information security certification format. 

Appendix B Computer Science Courses reflects the comparison of CS 

courses with the (ISC)^ information security certification format. 

Appendix C Electro-Optical and Communication Courses reflects the 

comparison of EO and CM courses with the (ISC)^ information security 
certification format. 

List of References lists the sources of information used. 
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11. COMPUTER SECURITY AND DOD 



A. WHAT IS COMPUTER SECURITY? 

In the aftermath of numerous “electronic break-ins” to sensitive 
government computers, the DoD has become acutely aware of its computer 
security inadequacies. In light of these recent events one must ponder the 
question, what exactly is computer security and what does it entail? 

Computer security is far more reaching than just protecting information 
systems from “electronic break-ins”. 

Computer security is concerned with identifying 
vulnerabilities in systems and in protecting against threats to 
those systems.... many computer users still don’t really 
understand what computer security is-and why it should be 
important to them. Computer security protects your computer 
and everything associated with it--your building, your terminals 
and printers, your cabling, and your disks and tapes. Most 
importantly, computer security protects the information you’ve 
stored in your system. That’s why computer security is often 
called information security. [Ref. 6] 

“Every computer system is vulnerable to attack”. [Ref. 7] In order to 
protect this valuable information, first determine where the system is 
susceptible to intmsion, attack, or environmental danger. Once you have 
discovered the system’s vulnerabilities, appropriate preventative measures 
can be taken. Typical areas of concern include: 

• Physical Vulnerabilities: Your buildings, your computer site 
and the associated peripherals are vulnerable. One of the primary 
functions of physical security is to restrict unauthorized access to 
the computer site and provide protection from damage caused by 
natural disasters. “Physical security methods include old 
fashioned locks and keys, as well as more advanced technologies 
like smart cards and biometric devices.”[Ref. 8] 
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• Natural Disasters, such as fire, floods, earthquakes, and other 
dangers due to natural forces can cause irreparable damage to 
computer equipment and even worse, a loss of valuable 
information. Although natural disasters are not preventable, steps 
can be taken to minimize the severity of the damage. 

• Software Vulnerabilities: Worms, vimses, trapdoors, and even 
simple bugs can open the system to electronic intruders. 

• Human Vulnerabilities: “The people who administer and use 
your computer system represent the greatest vulnerability of all. 
The security of your entire system is often in the hands of a 
systems administrator.” If that administrator is not properly 
trained or is unable to safeguard valuable electronic information, 
the system could be exploited and subjected to electronic 
terrorism or vandalism. [Ref. 9] 

B. DOD’S INTEREST IN COMPUTER SECURITY 

1. 1989 U.S. General Accounting Office Report 

DoD has become increasingly dependent upon storing its “sensitive 
information” in electronic form and naturally there is a deep concern for the 
integrity and privacy of this valuable information. 

Network intruders— some would call themselves explorers or 
liberators— have found ways of using networks to dial into remote 
computers, browse through their contents, and work their way 
into other computers. They have become skilled at cracking the 
password protocols that guard computers and adept at tricking 
the operating systems into giving them supemser or system 
manager privileges. They have also created worm and vims 
programs that can carry out these actions unattended and 
replicate themselves endlessly-electronic surrogates that can 
prowl the network independent of their creators. As electronic 
networking spreads around the globe, making possible new 
international interactions and breaching barriers of language and 
time, so rise the risks of damage to valuable information and the 
anxiety over attack by intmders, worms, and vimses. [Ref. 10] 
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Representative Edward J. Markey, Chairman of the Subcommittee on 
Telecommunications and Finance (House Committee on Energy and 
Commerce), recognizing the devastating impact a malicious “Internet type” 
worm could have on DoD computers, asked the U.S. General Accounting 
Office (GAO) to conduct an intensive investigation focusing on DoD’s 
inherent vulnerabilities regarding computer security. [Ref. 11] 

Hackers have been accessing and continue to gain access to sensitive 
networked DoD computer systems by exploiting system weaknesses. One of 
the most prevalent weaknesses mentioned in the 1989 GAO report was 
that host computer site system managers were technically weak and 
practiced poor security management techniques. The report states: 

Host computers are frequently administered by systems 
managers, typically site personnel engaged in their own research, 
who often serve as systems managers on a part-time basis. 

A number of Internet users, as well as NCSC and Defense 
Communications Agency virus reports, stated that the technical 
abilities of systems managers vary widely, with many managers 
poorly equipped to deal with security issues, such as the Internet 
virus. For example, according to the NCSC report, many systems 
managers lacked the technical expertise to understand that a virus 
attacked their systems and had difficulty administering fixes. 

The report recommended that standards be established and 
a training program begun to upgrade systems manager 
expertise. [Ref. 12] 

2. 1991 U.S. General Accounting Office Report 

On November 20, 1991 Jack L. Brock Jr., Director of Government 
Information and Financial Management Issues (Information Management and 
Technology Division) gave testimony before the members of the Senate 
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Subcommittee on the vulnerabilities of DoD computer systems penetrated 
during Operation Desert Shield / Storm. Mr. Brock stated: 

Hackers continue to successfully exploit security weaknesses 
and undermine the integrity and confidentiality of sensitive 
government information. 

Between April 1990 and May 1991, computer systems at 34 
DoD sites attached to the Internet were successfully penetrated 
by foreign hackers. The hackers exploited well-known security 
weaknesses— many of which were exploited in the past by other 
hacker groups. These weaknesses persist because of the 
inadequate attention to computer security, such as password 
management, and the lack of technical expertise on the part of 
some system administrators-persons responsible for the 
technical management of the system. 

At many of the sites the hackers had access to unclassified, 
sensitive information on such topics as (1) military personnel- 
personnel performance reports, travel information and personnel 
reductions; (2) logistics-descriptions of the type and quantity of 
equipment being moved: and (3) weapons systems development 
data. 

Although such information is unclassified, it can be highly 
sensitive, particularly during times of international conflict. 

Some DoD and government officials have expressed concern that 
the aggregation of unclassified, sensitive information could 
result in the compromise of classified information. 

...system administration duties are generally part-time 
duties and that administrators frequently have little 
computer security background or training. [Ref. 13] 

Both GAO reports express DoD’s anxiety about system 
administrators’ lack of technical expertise and their inability to safeguard 
electronic information. 
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3. Computer Security Climate 

To obtain a feel for the “local” computer security climate, interviews 
were conducted with the System Administrator/Automated Data Processing 
(ADP) Managers at two central California military installations to determine 
their computer security backgrounds and training. Research revealed that the 
system administrators received little if any formal education in the arena of 
computer security. For example, one of the ADP Manager’s entire formal 
training consisted of a two day computer security course in San Francisco 
[Ref. 14]. The other ADP Manager had not received any type of formal 
computer security training to date [Ref. 15]. 

C. THE NEED FOR COMPUTER SECURITY PROFESSIONALS 
It is imperative that the concepts and issues of computer security be 
addressed if our goal is to protect the privacy, integrity and availability of 
sensitive government information from forms of electronic vandalism and 
terrorism. To accomplish this goal, attention must be focused on establishing 
an education program that will provide system administrators with the 
technical expertise to understand, administer, and make knowledgeable, 
informed decisions with regard to computer security. 
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III. CULTIVATING COMPUTER SECURITY IN DOD 



A. SECURITY RELATED LEGISLATION 

Since the late 1950s, federal agencies have become increasingly 
concerned over the protection of sensitive electronic information. This 
concern has spawned numerous pieces of legislation aimed at security. Two 
recent pieces of legislation, the National Telecommunication and Information 
Systems Security Publication 200 (NTISSP 200) and the Computer Security 
Act of 1987, have had a profound impact on the delegation of computer 
security practices in DoD. 

1. NTISSP 200 

National Telecommunication and Information Systems 
Security Publication 200 (National Policy on Controlled Access 
Protection) defined a minimum level of protection for computer 
systems operated by Executive branch agencies and departments 
of the U.S. Government. The policy applies to any system 
accessed by multiple users who do not all have the same 
authorization to use all of the classified or sensitive unclassified 
information processed or maintained by the system. NTISSP 200 
stated that within five years of publication (i.e., by September of 
1992), the systems affected by the policy must provide 
automated Controlled Access Protection (CAP) for all classified 
and sensitive unclassified information at the C2 level of trust 

defined in the Orange Book.^ [Ref. 16] 

The Orange Book is a technical publication, part of the Rainbow Series^, 
which defines trusted computer system evaluation criteria for systems 
requiring multiple levels of security. There are four basic divisions of trust, 

1. Department of Defense Trusted Computer System Evaluation Criteria, Department of Defense Stan- 
dard (DOD 5200.28-STD) Libraiy Number 5225,711, December 1985. 

2. A series of technical computer security books published by the National Computer Security Center, 
each with a different colored covering, hence the name “Rainbow Series” 
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with each division further subdivided into one or more distinct classes. Each 
class is denoted with a number, where the higher numbers indicate a greater 
degree of security [Ref. 17]. In increasing order of tmst, from lowest to 
highest, the classes are: 


• 


D 


Minimal Protection 


• 


Cl 


Discretionary Security Protection 


• 


C2 


Controlled Access Protection 


• 


B1 


Labeled Security Protection 


• 


B2 


Structured Protection 


• 


B3 


Security Domains 


• 


A1 


Verified Design 



How do you rate each of the aforementioned classes, and what are the 
associated requirements to achieve this rating? 

Each class is defined by a specific set of criteria that a system 
must met to be awarded a rating for that class. The criteria fall 
into four general categories: security policy, accountability, 
assurance, and documentation. [Ref. 18] Table 1 compares the 
Orange Book evaluation classes, showing the specific features 
required for each class and, in general terms, how requirements 
increase from class to class. [Ref. 19] 
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Table 1: TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA 



Cl C2 B1 B2 B3 A1 



Discretionary Access Control 

Object Reuse 

Labels 

Label Integrity 

Exploitation of Labeled Information 
Exploitation of Multilevel Devices 
Labeling Human-Readable Output 
Mandatory Access Control 
Subject Sensitivity Labels 
Device Labels 

Identification and Authentication 
Audit 



Trusted Path 



System Architecture 
System Integrity 
Security Testing 

Design Specification and Verification 
Covert Channel Analysis 
Trusted Facility Management 
Configuration Management 
Trusted Recovery 
Trusted Distribution 
Security Features User’s Guide 
Trusted Facility Manual 
Test Documentation 
Design Documentation 





New or enhanced requirements for this class 




No additional requirements for this class 



No requirements for this class 
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Documentation I Assurance I Accountability I Security Policy 











2. Computer Security Act of 1987 

The Computer Security Act of 1987 holds each federal agency 
accountable for identifying computer systems that utilize sensitive data. The 
act also requires civilian, military, government employees, and others who 
directly interact with systems containing sensitive information to receive 
computer security training commensurate with their level of access. [Ref. 9] 
Since the government has over 50,000 sensitive systems, a new stock 
of questions emerge. Who will train this multitude of individuals needed to 
operate these systems, to what extent will they be trained, and how will their 
computer security training benefit the DoD? 

B. FORMAL COMPUTER SECURITY EDUCATION: TOWARD A 
CERTIFICATION FORMAT 

System administrators are chronically considered the weak link in 
the computer security chain. Their lack of formal and technical education in 
the arena of computer security is a dangerous situation, but this situation can 
be rectified. 

The Naval Postgraduate School (NPS) in Monterey, California, an 
institution dedicated to providing graduate level academic programs to meet 
the increasing technological and professional needs of the DoD, offers a viable 
solution. The Information Technology Management (370) Curriculum, an 
eight quarter interdisciplinary program of study, is designed to provide 
officers and federally employed civilians with a strong knowledge of 
information systems, emphasizing computer and telecommunication systems. 

With minor modifications and a moderate injection of computer security 
concepts and issues, the Information Technology Management (370) 
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Curriculum can become a beneficial vehicle for producing more 
knowledgeable and competent computer security “professionals”. The 
modified curriculum can greatly contribute towards combating DoD’s 
computer security problems. 

There are individuals in the computer industry who market themselves as 
“security professionals”, but without the sanction of any recognized certifying 
group. A few certification programs lightly touch on security issues, but to 
date, there is no certification program dedicated totally to the issues of 
information security. [Ref. 20] 

The International Information Systems Security Certification 

Consortium- or (ISC) for short— was created to develop a 
certification program for information systems security 
practitioners. In November 1988, the Special Interest Group for 
Computer Security (SIG-CS) of the Data Processing 
Management Association (DPMA) brought together 
organizations who were interested in creating a certification 
program for this community of specialists. The cooperating 
organizations include the Data Processing Management 
Association (DPMA), Information Systems Security Association 
(ISSA), Idaho State University, the National Security Agency 
(NSA), and the Computer Security Institute (CSI). Other groups 
-including the Canadian and U.S. Governments, the Canadian 
Information Processing Society (CIPS), and the International 
Federation for Information Processing (DFIO) have been 
represented at meetings and have been invited to participate. 
Representation from other interested and qualified bodies, 
including IEEE and ACM, is under consideration. [Ref. 21] 

In 1991 (ISC) proposed the first formal certification program for 
computer security professionals. This certification reflects the current thought 
and future expectations of distinguished experts in the computer security field. 
[Ref. 22] 
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By extracting the (ISC)^ certification format and injecting these concepts 
and issues into the existing 370 Curriculum, a new, enhanced curriculum will 
metamorphose. In this fast changing climate of high-technology, this 
curriculum will ensure the military has an ample supply of these top-level 
managers and supervisors who possess a solid background in the area of 
computer security. 
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IV. ANALYTICAL METHODS 



The purpose of this thesis is to determine if relevant computer security 
concepts and issues were being addressed in the Information Technology 
Management (370) Curriculum and make recommendations to improve 
course content and the Curriculum. In order to determine which concepts and 
issues were considered relevant and if they were being addressed, several 
methods were employed: 

• Literature review (including academic and DoD publications on 
computer security). 

• Interviews with DoD ADP Managers. 

• Interviews with faculty from the Computer Science, 
Administrative Sciences, and the Electrical and Computer 
Engineering Departments. 

• Micro analysis of the 370 Curriculum from the viewpoint of 
computer security, utilizing the (ISC)^ certification format. 

A. LITERATURE REVIEW 

Initially, a comprehensive literature review was conducted to become 
familiar with the current computer security atmosphere and to form a 
knowledge base for further research. The computer library located in the 
Naval Postgraduate School’s Ingersoll Hall, is a cornucopia of computer 
information. Some of the reference material utilized to assimilate information 
for the knowledge base includes; 

• Government Publications: The “Rainbow Series”, Federal 
Information Processing Standards Publications (FTPS PUBS) 
and Government Accounting Office Reports (GAO) 

• Electronic Newsgroups: alLsecurity, comp.risks, comp.virus 
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• Anonymous File Transfer Protocol (FTP): Several documents 
were retrieved electronically from these addresses: 

cert.sei.cmu.edu, cu.nih.gov, cs.purdue.edu. 

• Computer Security Books: Computers under Attack: Intruders, 
Worms and Viruses by Peter Denning, Security in Computing by 
Charles Pfleeger, Computer Security Basics by Deborah Russell 
and G.T. Gangemi Sr., and Computer Security Handbook by 
Richard Baker. 

• Computer Security Professional Certification Format: 
International Information Systems Security Certification 

Consortium (ISC) is the format used to evaluate each course in 
the 370 Curriculum. The result of the evaluation is reflected in 
Appendices A, B, and C. 

Once the information from the literature review was assimilated, and a 
through knowledge of computer security established. This newly gained 

knowledge base, along with the (ISC)^ certification format was used as a tool 
to interview NPS faculty members. 

B. LOGICAL COURSE GROUPINGS 

To analyze the 370 Curriculum, it was necessary to segregate the courses 
into the following logical course groupings; Communications (CM), 
Computer Science (CS), Electro-Optical (EO), Information Systems (IS), 
Management (MN), Operations Science (OS), Mathematics (MA), and Naval 
Science (NS). Research revealed the MN, OS, MA, and NS courses were 
sufficiently devoid of the information applicable to computer security. Four 
course groupings: IS, CS, CM and EO were selected for analysis because 
they contained the bulk of the technical material in the 370 Curriculum and 
relate to computer systems. Once the areas for analysis were selected, the 
experts were interviewed. 
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C. INTERVIEWS WITH NFS FACULTY 



Faculty members representing the Computer Science, Administrative 
Science, and the Electrical and Computer Engineering departments were 
individually interviewed. Each interview revolved around four main issues: 

• To what extent did the course address computer security 
concepts and issues? 

• If the concepts and issues were not addressed, how easy would 
it be to incorporate the (ISC)^ format into the course? 

• If the concepts and issues were addressed, how close did the 
content adhere to the (ISC) format? 

• If there were shortcomings in the amount of computer security 
issues addressed, where could improvements be made? 

Each emphasis area course within its respective department was reviewed 

for computer security related concepts or issues. Faculty members were 

encouraged to offer their opinions as to how the courses could be modified to 

adhere to the (ISC)^ certification format. 

D. INTERVIEWS WITH DOD ADP MANAGERS 

Interviews were conducted with the System Administrator/Automated 
Data Processing (ADP) Managers at two central California military 
installations to determine their computer security backgrounds and training. 
Interview questions focused on; 

• Personal Education: Did the individual have any previous 
computer experience, if so what type, and how much? 

• Training: What type of computer security training had they 
received? What actions were taken to increase the staff’s 
awareness of computer security? What type of guidance did they 
receive (e.g. local instructions. Navy instmctions, laws, etc...). 
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What were their future plans to increase computer security and 
computer security awareness at their site? 

E. COURSE ANALYSES 

Four logical course grouping areas of the 370 Curriculum; Information 
Systems, Computer Science, Communications and Electro-Optical were 
analyzed. Each course in the respective logical course grouping was 

scmtinized for relevant computer security issues using the (ISC)^ certification 
format as a cross-reference. Each course fell into one of three categories, 
either the subject was addressed, the subject was not addressed but needs 
to be, or the subject was not relevant to the course. 
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V. SUMMARY OF FINDINGS 



Both the 1989 and 1991 GAO reports discussed in chapter 2,express 
DoD’s anxiety about technically weak system administrator’s inability to 
protect sensitive electronic information. Both reports recommend a formal 
training program be established to strenghten system administrator’s 
knowledge of computer security. 

Interviews with local ADP managers support the GAO’s findings that 
system administrators receive little if any formal computer security training. 
Although only a small portion of the ADP manager population was sampled, 
it was evident that formal computer security training had not been a 
prerequisite for the position. 

Faculty interviews along with course analyses indicate only one course, 

CS 4601 Computer Security, adheres closely to the (ISC)^ certification 
format, and that computer security concepts and issues are sparse in other 

courses of the 370 Curriculum. Of the 298 topic items identified by the (ISC)^ 
certification format, 165 items are addressed in CS 4601 Computer Security, 
37 items are addressed in IS 4200 System Analysis and Design, 10 items are 
addressed in CM 3112 Navy Telecommunications Systems, and 6 items in CS 
2970 Stmctured Programming with Ada. Those courses that actually 
addressed computer security concepts or issues are highlighted in the current 
370 Curriculum matrix shown in Table 2. 
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Table 2: CURRENT INFORMATION TECHNOLOGY MANAGEMENT (370) 

CURRICULUM 



1 St 

Quarter 


IS 2000 (3-1) 

Intrcxhiction to Computer 
Management 


CS 2970 (4^1) 

Stttictwd 


OS 3101(4-1) 

Statistical Analysis for 
Management 


MN2155 (4-0) 

Accounting for 
Management 


2 nd 
Quarter 


CS 3030 (4-0) 

Computer Architecture 
and Operating Systems 


MA 1248 (4-1) 

Selected Topics in 
Applied Mathematics 


os 3004 (5-0) 

Operations Research for 
Computer Systems 
Managers 


MN 3105 (4-0) 

Oiganization and 
Management 


3rd 

Quarter 


IS 4200 (4-0) 

System Anaiysii and 


EO 2710 (4-2) 

Comm Systems I: 
Analog Signals and 
Systems 


IS 4183 (4-1) 

Applications of 
Database Management 
Systems 


IS 3170 (4-0) 

Economic Evaluation of 
Information Systems I 


4tb 

Quarter 


IS 3020 (3-2) 

Software Design 


EO 2750 (4-2) 

Comm Systems II: 
Digital Signals and 
Systems 


IS 4185 (4-1) 

Decision Support 
Systems 


IS 3171 (4-0) 

Economic Evaluation of 
Information Systems II 


5 th 

Quarter 


IS 4300 (4-0) 

Software Engineering 
and Management 


EO 3750 (4-0) 

Communications 
System Analysis 


IS 3502 (4-0) 

Computer Networks: 
Wide Area / Local Area 


Navyif 

Systems 


6 th 

Quarter 


MN4125 (4-0) 

Managing Planned 
Change in Complex 
Oi^anizations 


NS 3252 (4-0) 

Joint and Maritime 
Strategic Planmng 


IS 4502 (4-0) 

Telecommunications 

Networks 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


7 th 

Quarter 


MN 3154 (4-0) 

Financial Management in 
the Armed Forces 


CS 4601 (4-0) 

Computer SecMfity 


MN 3307 (4-0) 

ADP Acquisition 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


8 th 

Quarter 


IS 4182 (4-0) 

Information Systems 
Management 


Elective 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 



For a detailed analysis of how well each course paralleled the relevant 
computer security concepts in (ISC)^ certification format see the following 
appendices. [Ref, 20] 

• APPENDIX A Information Systems Courses 

Computer Science Courses 
Electro-Optical and Communication Courses 



APPENDIX B 
APPENDDC C 
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In order to help decipher the appendices, a small sample is provided in 
Table 3. 

Table 3: APPENDIX LEGEND 



COMPUTER SECURITY CONCEPFS AND ISSUES 


IS 20001 


IS 30201 


IS 31701 


IS3171I 


IS 3183! 


IS 35021 


IS 4182 


IS 4185 


IS 4200] 


IS 43001 


IS 45021 


I. Overview 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


□ 



m 



A. Development of a Security Program 



ITT 



1 . Reason for a organizational security management policy 



m 



a. Objectives 



1. Identify sensitive systems/data 



2. Security plan 



3. Training 



M 




The concept or issue is currently addressed. 




The concept or issue is not currently addressed, but needs to be. 



The concept or issue is not relevant to the course. 
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VI. RECOMMENDATIONS 



Research indicates that the current 370 Curriculum needs a moderate 

injection of additional computer security topics to emulate the (ISC)^ 
certification format. Several recommendations for modifying the 370 
Curriculum follow: 

Recommendation 1 : Modify the 370 Curriculum to allow students 

to specialize in a particular area of interest. The curriculum would be divided 
into three subspecialty areas called “Emphasis Tracks” as follows: 

• Computer Security Emphasis Track 

• Telecommunications Networks Emphasis Track 

• Information Resource Management Emphasis Track 

Each “Emphasis Track” would have one or more mandatory required 
courses and a variety of elective courses to choose from. The 370 Curriculum 
currently provides only one elective choice for students. The flexibility of 
being able to select from a variety of elective courses would allow the 
individual to tailor the curriculum to their particular field of interest. To 
promote this flexibility, two additional elective slots can be realized with the 
elimination of MN 4125 (Managing Planned Changed in Complex 
Organizations) and IS 3171 (Economic Evaluation of Informations Systems 
n). Examples of each Emphasis Track are provided below: 

a. Computer Security Emphasis Track 
Required Courses: 

IS 3220 - Computer Center Management 

IS 4xxx^ - Risk Analysis and Disaster Recovery Planning 
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Elective Courses: 



CS 4602 
IS 3000 
IS 3503 
IS 4184 
IS 4186 
MN4125 
OS 3404 



Advanced Computer Security 

Distributed Computer System 

Micro -Computer Networks 

Information Resource Management in DoN/DoD 

Knowledge-Based Systems and Artificial Intelligence 

Managing Planned Change in Complex Organizations 

Man-Machine Interaction 



b. Telecommunications Networks Emphasis Track 
Required Course: 

IS 3000 - Distributed Computer System 

Elective Courses: 

IS 3220 - Computer Center Management 

IS 3503 - Micro-Computer Networks 

IS 4184 - Information Resource Management in DoN/DoD 

IS 4xxx - Risk Analysis and Disaster Recovery Planning 

MN 4125 - Managing Planned Change in Complex Organizations 

OS 3404 - Man-Machine Interaction 



c. Information Resource Management Emphasis Track 
Required Courses: 

IS 4184 - Information Resource Management in DoN/DoD 

Elective Courses: 

IS 3000 - Distributed Computer System 

IS 3220 - Computer Center Management 

3. IS 4xxx Risk Analysis and Disaster Recovery Planning is a course that would have to be developed. 
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IS 3503 - Micro -Computer Networks 

IS 4xxx - Risk Analysis and Disaster Recovery Planning 
MN 4125 - Managing Planned Change in Complex Organizations 
MN 4105 - Management Policy 
OS 3404 - Man-Machine Interaction 
Recommendation 2 : Eliminate the IS 3171 (Economic Evaluation 

of Informations Systems II), MN 3154 (Financial Management in the Armed 
Forces), and MN 4125 (Managing Planned Changed in Complex 
Organizations) courses from the 370 Curriculum and replace them with 
emphasis track electives. Split the CS 3030 Computer Architecture and 
Operating Systems course into two courses. One course would consist of 
primarily computer architecture, CS 3010, and the other course would consist 
primarily of operating systems, CS 3030. 

The benefit of splitting the current CS 3030 Computer Architecture and 
Operating Systems course into two separate course will allow the instmctors 
more time to present the material in greater detail as well as inject more 
security related issues. The only benefit of not splitting CS 3030 is that it 
would make room for a fourth Track Elective. Two curriculum matrices are 
shown in Tables 4 and 5. Table 4 reflects CS 3030 being split and Table 5 
reflects CS 3030 not being split. 
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Table 4: MATRIX WITH IS 3171, MN 3154, AND MN 4125 
ELIMINATED AND CS 3030 SPLIT 



1 St 

Quarter 


IS 2000 (3-1) 

Introduction to Computer 
Management 


CS 2970 (4-1) 

Structured Programming 
with Ada 


OS 3101 (4-1) 

Statistical Analysis for 
Management 


MN2155 (4-0) 

Accounting for 
Management 


2 nd 
Quarter 


CS 3010 (4-0) 

Computer Architecture 


MA 1248 (4-1) 

Selected Topics in 
Applied Mathematics 


os 3004 (5-0) 

Operations Research for 
Computer System 
Managers 


MN 3105 (4-0) 

Organization and 
Management 


3rd 

Quarter 


IS 4200 (4-0) 

System Analysis and 
Design 


EO 2710 (4-2) 

Comm Systems I: 
Analog Signals and 
Systems 


IS 4183 (4-1) 

Applications of 
Database Management 
Systems 


IS 3170 (4-0) 

Economic Evaluation of 
Information Systems I 


4 th 

Quarter 


IS 3020 (3-2)) 

Software Design 


EO 2750 (4-2) 

Comm Systems II; 
Digital Signals and 
Systems 


IS 4185 (4-1) 

Decision Support 
Systems 


CS 3030 (4-0) 

Operating Systems 


5 th 

Quarter 


IS 4300 (4-0) 

Software Engineering 
and Management 


EO 3750 (4-0) 

Communications 
System Analysis 


IS 3502 (4-0) 

Computer Networks: 
Wide Area / Lxical Area 


CM 3112 (4-0) 

Navy 

Telecommunications 

Systems 


6 th 

Quarter 


Track Elective 


NS 3252 (4-0) 

Joint and Maritime 
Strategic Planning 


IS 4502 (4-0) 

Telecommunications 

Network 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


7 th 

Quarter 


Track Elective 


CS 4601 (4-0) 

Computer Secunty 


MN 3307 (4-0) 

ADP Acquisition 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


8 th 

Quarter 


IS 4182 (4-0) 

Information Systems 
Management 


Track Elective 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 
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Table 5: MATRIX WITH IS 3171, MN 3154 AND MN 4125 ELIMINATED AND 

WITHOUT CS 3030 SPLIT 



1 St 

Quarter 


IS 2000 (3-1) 

Introduction to Computer 
Management 


CS 2970 (4-1) 

Structured Programming 
with Ada 


os 3101 (4-1) 

Statistical Analysis for 
Management 


MN 2155 (4-0) 

Accounting for 
Management 


2nd 

Quarter 


CS 3030 (4-0) 

Computer Architecture 
and Operating Systems 


MA 1248 (4-1) 

Selected Topics in 
Applied Mathematics 


os 3004 (5-0) 

Operations Research for 
Computer Systems 
Managers 


MN 3105 (4-0) 

Organization and 
Management 


3 rd 

Quarter 


IS 4200 (4-0) 

System Analysis and 
Design 


EO 2710(4-2) 

Comm Systems I: 
Analog Signals and 
Systems 


IS 4183 (4-1) 

Applications of 
Database Management 
Systems 


IS 3170 (4-0) 

Economic Evaluation of 
Information Systems I 


4 th 

Quarter 


IS 3020 (3-2)) 

Software Design 


EO 2750 (4-2) 

Comm Systems II: 
Digital Signals and 
Systems 


IS 4185 (4-1) 

Decision Support 
Systems 


MN 3307 (4-0) 

A DP Acquisition 


5 th 

Quarter 


IS 4300 (4-0) 

Software Engineenng 
and Management 


EO 3750 (4-0) 

Communications 
System Analysis 


IS 3502 (4-0) 

Computer Networks: 
Wide Area / Local Area 


CM 3112 (4-0) 

Navy 

Telecommunications 

Systems 


6tb 

Quarter 


Track Elective 


NS 3252 (4-0) 

Jomt and Maritime 
Strategic Planmng 


IS 4502 (4-0) 

Telecommunications 

Network 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


7 th 

Quarter 


Track Elective 


CS 4601 (4-0) 

Computer Security 


'Drack Elective 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
xManagement Students 


8 th 

Quarter 


IS 4182 (4-0) 

Information Systems 
Management 


Track Elective 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
Management Students 


IS 0810 (0-0) 

Thesis Research for 
Information Technology 
xManagement Students 



Recommendation 3 : Establish an advanced computer security 

course as an elective for those individuals desiring to gain expertise in 
computer security. Academic objectives would include an understanding of: 

• the fundamental models involved in multilevel security. 

• how the fundamental models used in multilevel security are 
implemented in the design of a secure computer system. 

• the advancements and limitations of computer security 
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technology in the areas of multilevel databases, networks and 
distributed systems. 

• the various roles encryption plays in the development of secure 
network protocols and remote access control. 

• the DoD requirements for trusted systems and the verification 
process. 

Recommendation 4 : Establish a Disaster Recovery and Planning 

course IS 4xxx, which would include: 

• current theoretical foundations for conducting risk analysis. 

• an introduction to automated assessment tools. 

• an introduction to current guidelines and directives. 

• analyses of case studies. 

Recommendation 5 : Establish a computer security laboratory, 

which would allow students to apply theoretical concepts. This lab would 
include: 

• quarantined systems which would allow students to experiment 
with viruses without infecting other computers. Students could 
monitor the life cycle of viruses along with evaluating different 
anti-virus software packages. 

• computers with communication software that would allow 
students to gain experience using both private and public key 
encryption protocols and permit them to conduct fundamental 
penetration testing. 

• TEMPEST equipment to monitor electronic emanations from 
computer systems, peripherals, and conductors. 

• a Honeywell Information System Secure Communications 
Processor (SCOMP). The SCOMP is the only system to date that 
has received an A I Orange Book security rating. The SCOMP 
would provide students a vital research tool to explore multilevel 
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security issues. 

• various biometric devices that measure human body 
characteristics used in computer security such as: retinal patterns, 
fingerprints, handprints, voice patterns, keystroke patterns, and 
signature dynamics. The Naval Postgraduate School’s 
Operations Research Department has an excellent biometrics 
laboratory which could be used as an annex of the computer 
security laboratory. 

Recommendation 5 : Provide adequate funding in order to support a 

quarterly seminar program in which visiting specialists from both government 
and civilian sectors could address students and faculty concerning new 
technologies, products and policies. 

Recommendation 6 : Restructure the IS 2000 Introduction to 

Computer Management course to include high level coverage of material 

delineated in the (ISC)^ certification format. This would expose new students 
to the importance of computer security early in the curriculum and thereby 
foster a basic understanding and appreciation of concepts that will be 
introduced in subsequent courses. 

Recommendation 7 : Use the Appendices A, B, and C as a computer 

security reference to help guide faculty members in modifying their courses to 
include relevant computer security topics. 
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VII. CONCLUSION 



DoD has become increasingly dependent upon storing its sensitive 
information in electronic form and naturally there is a deep concern for the 
integrity and privacy of this valuable information. In the recent aftermath of 
numerous electronic break-ins, the DoD continues to express anxiety over 
technically weak system administrators’ inability to protect sensitive 
electronic information. 

A significant step in minimizing electronic intrusions and bolstering 
computer security in DoD is to educate military officers and federal civilians 
in the latest technology and administrative controls available to enhance 
computer security. This can be accomplished by modifying the Information 
Technology Management (370) Curriculum at the Naval Postgraduate School 
to adhere to the proposed recommendations. 

In order to further enhance the Information Technology Management 
(370) Curriculum at the Naval Postgraduate School, and strengthen the 
graduate’s knowledge of computer security, it is imperative that the 370 
Curriculum be revised to meet the needs of DoD in this rapidly changing 
technology. 
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APPENDIX A 

Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


IS 20001 


IS 30201 


IS 31701 


IS 3171 


IS 3502| 


1S4182I 


IS 4183] 


IS 4185 


IS 42001 


IS 4300 


IS 4502 


I. Overview 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


n 


□ 


□ 


n 




P A. Development of a Security Program ^ 


□ 


□ 


□ 






□ 


n 


m 




1 . Reason for a organizational security management policy 


IT 




□ 


m 




a. Objectives | | 




m 


m 




1. Identify sensitive systems/data 


+ 


□ 


□ 


mn 


□ 


□ 


□ 


□ 




2. Security plan 


+ 


□ 


□ 


nr 






3. Training 




□ 


□ 


nr 


n 


m 




b. Policies 


□ 




m 


IT 
























□ 


1. Written and communicated 








rii 


□ 


m 
























□ 


2, Board of directors responsibility 


□ 


□ 


□ 


C 


+ 


□ 


□ 


□ 


m 
























n 


3. DPMA model policy 


□ 


□ 


□ 


□ 


□ 


+ 


n 


□ 


□ 


m 
























□ 


c. Connectivity, organizational structure, and security 




m 
























□ 


1 . Connectivity defined 


□ 


□ 


□ 


□ 


+ 


□ 


□ 


□ 


m 
























□ 


2. Effect on organizational structure 


[T1 




+ 




□ 


m 
























□ 


1 3. Security considerations 




+ 


n 






d. Plans 


m 


m 


m 


□ 






1 . Human resource management 


+ 




+ 


m 


□ 


m 




2. Access control 




□ 


□ 


□ 


□ 




□ 


M 


LLM 




3. Data control 


+ 


□ 


□ 


rrn 1 


LU 


u 


u 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEFI'S AND ISSUES 


IS 2000 


IS 3020 


IS 31701 


IS 3171 


IS 35021 


IS 41821 


'qc 


2, 


IS 42001 


IS 4300 


IS 4502 




4. Labeling 


+ 


□ 


□ 


□ 


rir n 


EE 
























□ 


5. Contingency plan 


+ 


n 


n 


rr 


+ 


□ 


EE 


E 


□ 




6. Legal responsibilities 


+ 


m 


□ 


L 






EE 




e. Responsibilities 




L 


U 


U 


U 




□ 
























□ 


1. Board of Directors 




C 


+ 


E 




























2. Board of Directors & senior management 


□ 


□ 


□ 


□ 


E 


-b 


E 


E 


EE 


E 


























3. Middle management 


□ 


□ 


□ 


□ 


E 




E 




E 


























4. Users 


m 


E 


+ 


E 


E 


EE 


E 


























B. Risk Analysis 




EE 


EE 




1. Reason 


+ 


□ 


□ 


□ 


1^1 


























□ 


2. Typical contents 


+ 


n 


□ 


□ 


1^1 




□ 




3. Main purposes 


+ 


□ 


□ 


□ 


E 






1 


C. Contingency Planning 


□ 


nn 






1 


1. Defined 




□ 


IHI 




2. Backup 


+ 


□ 


□ 


□ 


E 


+ 


□ 


□ 


□ 


□ 


E 


























3. Critical elements 


+ 


□ 


H 


EE 


E 




D. Legal Issues for Managers | 




























□ 


1. Licenses 




□ 




+ 






























2. Fraud/misuse 


m 


□ 


n 


n 


+ 


El 


E 


□ 


n 


E 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 


IS 2000 


IS 30201 


o 

r-' 

cn 


IS 3171] 


IS 35021 


00 


IS 41831 


IS 4185 


IS 4200 


IS 4300 


IS 4502 


3. Privacy 


□ 


□ 




□ 


□ 


+ 


G 


□ 


G 


□ 


n 


























4. Copyright 


n 


n 


n 




+ 


n 


n 


n 


n 


n 




5. Trade secrets ^ 


□ 


□ 


u 


u 


u 


+ 


□ 


rrm 


























6. Employee agreements 




n 


LB! 


m 


G 


G 


























E. System Validation & Verification (Accreditation) 


□ 


□ 


m 


□ 


□ 


G 


G 


G 


LM 


























1. Plan testing 


□ 




□ 




G 


G 


G 


G 


G 


























2. Acceptance of responsibility 


□ 


m 


□ 


-h 


G 


G 




G 


























R Information Systems Audit 




G 




G 


G 


G 


LM 
























□ 


n. Risk Management 


n 


m 


□ 


□ 


G 


G 






A. Asset Identification and Valuation 




□ 


□ 


□ 


□ 


m 
























M 


I. Processing valuation 


□ 


□ D 


G 


m 


m 
























□ 


2. Risk management team 


□ 




□ 


□ 




□ 


G 


G 


LM 
























□ 


3. Classification of assets | 


1 H 1 H 


G 


LLM 
























□ 


4. Subclassification of assets 




□ 


GG 


G 


G 


LM 




1 a. People, skills, and procedures 


□ 


H 


□ 


□ 


+ 


G 


□ 


LM 


G 


























b. Physical and environmental | 


□ 


+ 


LM 


+ 


G 


LLM 


G 


























c. Communications 


+ 


□ 


□ 


+ 


_n 


G 


























d. Hardware 


□ 


□ 


B 


□ 


□ 


+ 


G 


LLM 


G 


























e. Software | 


□ 


DIB 


G 


□ 


LLM 


r 






















j 


E Data and information 


LHJ 


LHJ 


□ 


G 


□ 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEFfS AND ISSUES 


IS 20001 


IS 30201 


IS 3170 


IS 31711 


IS 35021 


IS 4182 


IS 41831 


IS 4185 


IS 4200 


IS 4300 


IS 45021 




g. Goodwill 1 


D 






+ 


I 


m 
























□ 


5. Determining values for assets j 




n 


n 


n 


m 




a. Acquired and intrinsic values 


□ 


D_TB 




























b. Purpose of assigning value to assets 


□ 


HIIH 


i 

1 


n 


□ 


E 


























c. How to measure assets values 
















d. Criticality and sensitivity 


□ 


C 


□ 






□ 


□ 


□ 
























□ 


1. Criticality: business impact, revenue losses 


□ 


E 


+ 
































□ 


embarrassment, legal problems 


□ 


m 




























□ 


2. Sensitivity: privacy, trade secrets, planning 


+ 


□I 


+ 


m 


□ 


m 
























n 


information, financial data 






□ 


m 
























□ 


3. Sources MIS, users, senior management 


□ 


c 


+ 


□ 


□ 


+ 


























n 


4. Levels: military, national security, commercial 


D 


a~za 




m 
























□ 


e. Asset valuation: standard accounting 


DIIB 




























f. Asset valuation: replacement value 


□ 


+ 


□ 


□ 


+ 


IT 


□ 


E 


























g. Asset valuation: loss of availability 


□ 


□ 


Q Q 


□ 


m 


m 
























□ 


h. Asset valuation: estimating methods 


□ 


HIIH 




1 


6. Use of asset analysis results 






IT 


1 


a. Limitations 


m 


□ 




























1. Lack of data 




Him 
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Table 6: Information Systems Courses 



COMPUTER SECURITY C()NCEI>TS AND ISSUES 


IS 20001 


IS 3020 


IS 3170 


IS 31711 


IS 35021 


1S4182I 


IS 41^1 


IS 41851 


IS 42001 


IS 43001 


IS 4502 1 


2. Interpretation j 


n 


rm 


n 


LH 


□ 


□ 


M 


LM 


1 


B . Threat and Exposure Assessment 


□ 






n 


r 


r 




1 . Threats, vulnerabilities, and exposures defined 


□ 


□ 


i 


□ 


+ 


TTin 


M 








2. Methodologies for threat assessment ] 


n 




1 


□ 


1 


m 


M 


M 








a. Properties of threats 


□ 


□ 


□ 


□ 




□ 


□ 


□ 


□ 


□ 








1 b. Properties of assets 


LM 


u 


L 


L 


+ 


L 


L 


M 


M 


M 








[ c. Combining properties: the cost exposure matrix 


U 


u 


u 


L 


L 


+ 


L 


L 


M 


L 


M 








3. Probability concepts 


m 


□ 


□ 


m 


□ 




MM 




a. Definitions 


□ 


□ 




L 






LM 








b. Tables of probability values 




L 


D 


□ 


□ 


M 


M 


M 






c. Fuzzy metrics 






+ 




m 






1 


d. Expected values 




□ 


□ 


D 


□ 


LM 


M 


M 








e. Worst case 


□ 


+ 


□ 


LM 


MM 








f. Automated packages 


□ 


LM 


□ 


□ 


+ 


□ 


M 


M 


M 


M 






1 


4. Sources of threat information 


□ 




M 


M 


M 


M 




1 a. Vulnerability analysis 1 1 1 1 1 


L 


+ 


1 1 1 1 


M 








b. Scenarios 


m 


□ 


□ 


□ 


+ 


n 


m 


□ 


□ 






1 


1 c. Past history 


□ 


D 


□ 




M 






1 d. Outside Sources 


LM 


LM 


L 


+ 


M 


LM 


U 


M 








5. Calculating exposures 


Mill 


u 


D 


JJ 


U 


U 


M 
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Table 6; Information Systems Courses 



COMPUTER SECURITY CONCERrS AND ISSUES 


IS 2000 


IS 3020 


IS 3170 


IS 31711 


IS 3502 


IS 4182 


IS 41831 


IS 4185 


IS 4200 


IS 4300 


IS 4502 




III, Safeguards: Security and Control Measures 


n 


t: 


j 


□ 


□ 


MM 




A. Overview of Safeguards 


□ 


rn 


MI J 


m 


rn 




1. Common sense 


tr □ 






2. Types of controls: prevention, detection, reaction 


u 


Mill 


U 


u 


n 


m 




a. Basic purpose of controls 


+ 






+ 


1 






b. Prevention 




□ 


□ 


cr 


+ 


m 






c. Detection 


+ 






rn 


□ 


rn 




d. Containment 


+ 


□ 


□ 


rr 


+ 


rn 


n 


n 


□ 




e. Reaction or correction 


B 


□ 




+ 


□ 






3. Design strategies 


m 


□ 


m 








a. Countermeasures 


+ 




+ 


rn 










b. Countermeasure selection 


□ 


□ 


□ 




+ 




□ 


m 








c. Sensitivity analysis 






m 


nr 


n 








d. Decision analysis 




+ 


m 


m 








e. Goal-seeking heuristics 




+ 










f. Risk perception and communication 




+ 










4. Components of EDP security 


□ 






a. Administrative and organizational controls 


+ 


m 


□ 


rn 






1 


b. Policies 


□ 




+ 


MI 


M 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 


IS 20001 


IS 3020 


IS 31701 


IS 3171 


IS 35021 


IS4182| 


IS 4183] 


IS 4185 


o 

o 

1 


6^ 

ir^ 

C/5 


IS 45021 


c. Personnel 


□ 


□ 


n 


n 


r 


+ 


n 


n 


f 




n 








d. Physical and environmental security 


□ 


n 


n 


m 


+ 


rn 


n 


r 








1 e. Computer operations 


rr 




1 


n 


m 


n 








f. Contingency planning | | 






n 


m 


m 






I 


5. Components of EDP security: technical 


□ 




m 


□ 


□ 


□ 


□ 


□ 






1 


a. Communication and electronic exposures 


n 




n 


r 


+ 


n 


n 


n 


m 








b. Hardware 


n 




r 


+ 


□ 


□ 


□ 


□ 


□ 








c. Encryption 




r 




□ 


□ 


□ 


□ 


□ 








d. Software 




r 


+ 


□ 


n 


□ 


m 








B. Organizational and Administrative Controls 


□ 






□ 


□ 


m 








1 . Trade secrets, employee agreements, conflict of interest 


[T] 


m 


r 




□ 


□ 


□ 


m 






1 


2. Security policy 


□ 






□ 




a. Intent (related to sensitivity) 


□ 


r 


+ 


□ 


□ 


□ 


m 








b. Access to and distribution of information 


□ 


□ 


+ 


□ 


m 


m 








c. Laws 


□ 


□ 




□ 










1 d. Regulations 1 1 1 1 1 


M 


+ 


u 


LM 


LM 








e. Company policy 


□1 


+ 





□ 






1 


f. Mandatory and discretionary security 


n 


+ 


□ 




□ 








g. Accountability: identification, authentication, audit 




□ 


+ 


□ 




□ 


□ 








3. Responsibility areas. System Security Officer 


□ 








□ 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEFfS AND ISSUES 



QC 



C/2IC/5 



a. Basic role 



b. Duties 



c. Training and skills for a System Security Office 



4. Employee training 



a. Orientation 



b. Skills 



5. Telecommuting 



C. Personnel Consideration 



1. Human motives for criminal action 



2. Employee selection 



a. Application forms 



b. Permissions for investigations 



c. Security clearance and citizenship 



3. Professional certificates 



4. Working environment 



a. Vacations and job rotation 



b. Employee-management relations 



c. Career path planning 



d. Remuneration 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 



5. Access rights and privileges 



6. Prosecution for adverse actions 



o 


O 


o 












o 


o 


pT 


o 






r- 


o 


QC 


00 


loo 


o 




lo 


o 


O 






ir) 












to 


, 














Tt “ 










in 


m 


in 


in 


^ 1 


in 


fe 


\in 


in 




B 








LHJ 


□ 


r 







7. Employee separation 








~tr 








D. Physical and Environmental Security 


















1 . S ite location and construction 


















a. Computer room considerations 


H H 1 H 


r 






























b. Special microcomputer problems 






H 


1 


nr 
































2. Physical access 
















a. Access vs. security 


ETia 


r 


nr 




























b. Rooms, windows, doors, keys 




1 


D 


1 


nr 
































3. Power 










a. Spikes, surges, brownouts 


H H 1 H 


r 




























b. Costs of prevention/protection equipment 




H 1 y 








4. Air-conditioning | 


ETB 




m 














5. Water exposures and problems 


H H 1 H 










6. Fire prevention | 


ETQ 




nr 


























7. Fire protection 




□ 1 □ 


























8. Tape and media libraries; retention policies 




Q 1 D 


























9. Waste disposal 


□ 1 □ 


























10. Off-site storage 


D 1 D 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 

5 


IS 20001 


IS 3020] 


IS 31701 


IS 31711 


IS 35021 


IS 4182 


IS 4183 


IS 4185] 


IS 4200 


IS 4300 


IS 45021 




1 1 . Document libraries iuid controls 


n 


+ 


n 


□ 


+ 


n 


□ 


n 


m 




E. Computer Operations 


□ 


□ 


□ 


□ 




□ 


□ 


□ 


□ 


□ 
























□ 


1 . Organization of computer operations 


zr 
























□ 


a. Mainframes 


□ 


□ 


c 


+ 


□ 


□ 




























b. Minicomputers 


□ 


□ 


□ 


□ 


c 


+ 


□ 


□ 


□ 


□ 


I 


























c. Microcomputers/office automation 


m 


c 


+ 


□ 


□ 


□ 


□ 


c 


























2. Separation of duties 


□ 


□ 


□ 


□ 


c 




□ 


□ 


□ 


□ 


L 


























3. Controls at interfaces 


□ 


□ 




c 


■f 


□ 


□ 


m 


C 


























4. Media controls 


m 


c 


+ 


□ 


□ 


□ 


□ 


c 


























5. Backup procedures 


m 


□ 


□ 


D 


+ 


□ 


□ 


□ 


□ 


c 


























6. People controls 


□ 


□ 


□ 


+ 


□ 


□ 


□ 


□ 


c 


























F. Contingency Planning 




[T] 


m 


n 






1. Backups and procedures 




□ 






a. Data 


□ 




□ 


“HI 


























□ 


b. Manuals and documentation 


□ 


+ 


□ 


□ 


□ 


+ 


□ 


□ 






c. Equipment 


□ 


+ 


□ 


□ 


ih: 


1 


1. Air conditioning 


□ 




□ 


□ 


□ 




□ 


□ 


□ 


□ 


□ 




2. Uninterruptible power supply 


□ 


+ 


□ 


□ 


□ 


+ 


□ 


□ 


□ 


m 




2. Catastrophe planning 


m 


□ 


□ 


m 


1 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCE^rS AND ISSUES 


IS 20001 


IS 30201 


IS 31701 


IS 3171 


IS 35021 


IS 41821 


IS 41831 


IS 41851 


IS 4200 


IS 4300 


IS 4502 


a. Stages in a disaster | 


lH 


n 


n 


□ 


+ 


□ 


□ 


n 


n 


n 




b. Planning and response teams 


+ 


j 


□ 


+ 


rirn 


c 


























c. Testing plan 


+ 






rn 


r M 




I d. Communication of plan 


+ 


□ 


IT 


Q 


mn 


m 




3. Security and controls in off-site backup and facilities 




□ 


□ 


□ 


+ 


□ 




□ 




4. Business and DP insurance 


□ 


+ 


□ 


□ 


□ 


+ 


□ 


□ 


□ 


□ 


□ 




5. Software escrow arrangements 


m 


□ 


□ 




rn 


□ 


□ 




IV. Safeguards: Security and Control Measures, Technical 


□ 


□ 




□ 


□ 


□ 


□ 




A. Hackers and reality: Perception of Risk 


+ 


m 




□ 






B. Communications and Electronic Exposures 


□ 


□ 






□ 




1. Locus of attack 


□ 






□ 
























j 


a. Terminals 


MM 


H 


m 


□ 


-b 
























□ 


b. Hosts 


rn 


□ 


m 


□ 


+ 




+ 
























□ 


c. Front-end processors 




+ 




+ 
























□ 


d. Gateways 


□ 


m 


□ 


m 


+ 




+ 
























□ 


e. Links 




□ 


+ 


m 


□ 


+ 
























□ 


f. Switches (multiplexors, packet switching, etc.) 




+ 




+ 
























□ 


g. Special problems with intelligent workstations 




□ 


+ 


LLM 


+ 


























2. Types of attack 






E 


























a. Passive: disclosure; traffic analysis; add/remove nodes 


m 


m 


□ 


□ 


+ 


m 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCErrS AND ISSUES 


IS 20001 


IS 30201 


IS 31701 


IS3171] 


IS 3502 


IS 4182 


IS 4183 


IS 4185 


IS 4200 


o 

o 

'^1 

22 


IS 4502 






1— ^ 




1— 1 


1 1 













b. Active: moditicaiion; insertion; deletion; replay 



3. Electronic 



a. Incoming: interruptions; static; FRl; EMP 



b. Outgoing: leakage 



c. Solutions: shielding 



4. Communications 

























a. Value-added communications 



b. exposures incoming: noise and interference 



c. Exposures outgoing: interception, replacement 



d. Solution: physical measures 



e. Solutions: encryption 



f. ISO OSI communications standards 



5. Network design 



a. Design considerations 



1. Integration of countermeasures into network 



design: cryptographic checksum; time stamp; 






Bell/LaPadula model 





2. Integration of countermeasures into protocol layers: 



link level encryption; end-to-end encryption 
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Table 6: Information Systems Courses 



COMI'UTKR SECURITY CONCErfS AND ISSUES 


IS 20001 


O 


IS 3170 


IS 31711 


IS 35021 


IS4182I 


IS 41831 


IS 41851 


IS 420^ 


IS 4300 


IS 4502 


b. Assurance 


□ 


d 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


□ 


□ 



I . Concept of trust 



2. Degrees of trustworthiness 



3. Trusted network base 



4. Testing 



5. Formal specification 



6. Formal verification 






•an 



m 



ft 



m 



C. Encryption 



1. Definition (plaintext, ciphertext; encryption/decryption) 



2. Public key and private key 




3. Key distribution 








pn 

H 




4. Link level, end-to-end 










H m 




5. Block mode, cipher block chaining, stream ciphers 










IBID 



(synchronous and self-synchronous) 






6. DES, RSA g 




rmsr 




rTB~ 


7. Cryptanalysis and strength of ciphers (theoretically secure, 






□ 




computationally secure) 














8. Advantages and disadvantages 








BI 




D. Software and Operating System Controls 














1. Secure operating systems 
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Table 6: Information Systems Courses 



COMPUTER SECURITY C()NCEI*TS AND ISSUES 



1 '^ 



a. History 






O 

IT) 

C/5 



b. Concepts: capabilities, reference validations 



1 . Secure kernels 



2. Reference validations and capabilities 



c. Present guidelines and standards, trusted computer base 



d. Design principles fro secure systems 



1 . Least privilege 



2. Open design 



3. Fail-safe defaults 



4. Economy of mechanisms 



5. Naturalness (human factors) 



6. Continuous protection 



e. Common penetration methods and countermeasures 



1. Trojan horse; virus; worm; salami; piggyback; 



deception; human compromise; etc. 



2. Controls on changes; audit trails; program library; 



code comparison; checksums and encryption; 



vaccines and antiviral agents; access control; etc. 



2. Access control 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEIT’S AND ISSUES 


IS 2000 ; 


IS 3020 


IS 3170 


IS 3171 


IS 3502] 


IS 4182) 


IS 41831 


IS 41851 


IS 42001 


IS 43001 


IS 4502 


a. Discretionary access control 


r 


n 


□ 


□ 


□ 


□ 


□ 


r 


r 


n 


n 


n 


1 . Subjects and objects 


n 






□ 


□ 


□ 


□ 


■n 


n 




2. Access privileges ) | | 


□ 


□ 






3. Granting/revoking of privileges 




□ 


M 


□ 


□ 


iLL 




4. Access control lists 


□ 


m 


□ 




m 




5. Capabilities, descriptors 


□ 




in 


n 




6. Supervisor states, rings, dommns 


□ 


□ 


□ 


□ 




IT 


□ 




b. Non*discretionary access control 


m 


□ 


□ 




□ 






1. Labels on subjects, objects 




□ 




m 




2. Rules for reading, writing 


m 


□ 


□ 




□ 




3. Software Controls: Development 


□ 


□ 




□ 


□ 


m 




a. The real problem: bugs EX3 


□ 


□ 


msj 




b. Software engineering principles: layering, modularity 


nm 








c. Structured methods 


□ 


+ 




□ 


□ 


m: 


OJ 








d. Formal specification and verification Q 


liiri 


J 


e. Program library/librarian 


rm 


□ 




1 


f. Data dictionary as a control 


□ 


+ 






H 


□ 


1 


g. Conversion and implementation 


nr 


□ 






4. Software controls: Maintenance 


rn 


□ 


□ 


□ 




□ 




a. Separation of duties 


nm 


□ 


cm 


IQ 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 



b. Testing controls 



c. Change control 



QO QC 

C/2 



C/2 



mo 



m 



5. Assurance 



a. Integrity 



b. Testing 



c. Specification/verification 



d. Facility management 






e. Disaster/contingency 



f. Compliance/degree of trust 






E 



E. Database systems security 



1. Overview 



a. Review of basic concepts of information protection 



b. Role of information protection in database systems 



2. Threats 



a. Direct disclosure of data 



b. Modification of data/tampering with data 



c. Inference 



d. Aggregation 



e. Trojan horse 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEl>TS AND ISSUES 

f 


IS 20001 


'O 

n 

o 

c/: 


IS 31701 


IS3171I 


IS 35021 


IS 41821 


oc 

cn 


IS4185I 


IS 4200 


IS 430^ 


IS 4502 1 


f. Covert disclosure of data 


□ 




n 


n 


r 




n 


n 


n 




3. Policy/mechanism 




n 


m 




D 


n 


a. Policy versus mechanism 


r 


rr 


□ 


r 


r 


n 


n 


n 


n 






b. Access controls 


r 


□ 


r 


rr 


n 


□ 


□ 


r 


r 


n 








1 . Access right and privileges 


c 


□ 


□ 


m 


D 




□ 


□ 


□ 


n 








2. Access control policies 


n 


□ 


□ 


□ 


rn 




n 


n 


n 


n 








3. Granularity 


□ 


□ 


n 


□ 


n 


n 


+ 


n 


n 


n 


n 








4. Labels 


m 


□ 


r 


n 


n 


+ 


n 


n 


n 


n 








5. Access control mechanisms 


□ 


m 




+ 


n 


n 


n 


n 








c. Inference controls 


rn 






n 


n 




d. Integrity controls 


□ 


□ 


1 

! 


m 


□ 


ID 








1. Integrity policy 


□ 




1 


+ 


n 


n 


m 








2. Integrity mechanisms 


□ 


□ 


rn 


n 


■b 




rn 








e. Accountability controls 




ID 








1 . Identification and authentication 






+ 


□ 


n 


n 


n 








2. Audit 


□ 


□ 


+ 


□ 










4, Design issues 




rn 


n 


n 




a. Protection Approaches 


rn 




n 


n 








I . Trusted kernel 


+ 


m 


n 


n 


+ 


□ 


rn 


□ 




2. Trusted filter 


H 


ID 


□ 


□ 




□ 


ID 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEFfS AND ISSUES 


IS 2000 


IS 3020 


IS 31701 


IS 3171] 


IS 3502 


IS 4182 


IS 4183 


IS 4185 


IS 4200 


IS 4300 


IS 4502 


1 


3. Encryption 


n 








D 


□ 


m 


n 




b. Performance 


n 




□ 


rr 


□ 






r 


n 




na 








c. Storage 


r 


□ 


m 


+ 




r 


n 








d. Access control vs. integrity 


□ 


+ 


□ 


□ 


L 


r 




m 


m 




e. Assurance 


+ 






n 


□ 


n 


n 




V. Legal Environment and Professionalism 






□ 


rr 


□ 




A. Law and legislation 




□ 




□ 


r 


rn 




1. The underlying problem 




r 




r 


r 


n 




a. Theft, copying software, privacy 


+ 


□j 


□I 


+ 


□ 


□ 










b. Fraud 




rr 


+ 










c. Physical abuse 


□ 


□ 


□ 


□ 


r 


+ 




□ 


m 








d. Misuse of information 


□ 


rn 




+ 








e. Sabotage 


+ 










2. Laws as tools for computer security 


m 












a. Privacy laws and legislation 


□ 


□ 


□ 




+ 




rn 








b. Intellectual property laws 


□ 


□ 


□ 












1. Copyright law 


m 




+ 










2. Trade secret law 


+ 


□ 


in 


rn 






1 


3. Patent law 




+ 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


IS 2000] 


IS 3020 


IS 31701 


1S31711 


IS 35021 


00 ' 


oo 


ISSIFSI 


IS 42001 


IS 43001 


O 


4. Trademark law 


□ 


n 


r 


□ 


□ 


Bj 


r 


r 


□ 






c. Federal laws (esp. Computer Security Act 1987) 








HU 


LI 






1 d. State statutes 


□ 


r 


FT an 


□ 


□ 


□ 


□ 




[ e. DPMA Model Computer Crime Bill 








+ 


m 


n 






D 




f. Computer crime legislation in other countries 




□ 




□ 


n 


n 


□ 


n 






3. Legislation as legal options to control computer crime 


□ 




□ 


□ 


m 


□ 


□ 




B 




a. License agreements (consumer license agreements) 


n 


n 


m 


□ 


□ 




□ 


□ 








b. permanent license agreements 


□ 


□ 




+ 


□ 


□ 


□ 


m 








c. Intellectual property rights 


n 


□ 




□ 




□ 


□ 


□ 


□ 


□ 




B 




d. Employee non-disclosure considerations 


□ 


□ 


□ 






□ 


□ 






e. Contracts 


m 


□ 


m 


□ 


m 


m 


□ 




B 




1 . Software development contracts 








□ 


□ 


□ 






2. Legal aspects of software purchasing 


□ 


□ 


□ 


nr 


n 








3. Leasing contracts 


□ 


m 


□ 


□ 


+ 


□□ 


□ 


□ 


□ 




■ 

+ 

■ 

+ 

■ 




f. Warranties for software and hardware 


□ 


□ 


□ 


□ 


□ 










4. Control of strategic materials 


□ 


□ 


□ 


□ 


□ 




□ 


□ 


□ 






5. Fraud and crime prevention and detection 


□ 




□ 


+ 




□ 


□ 


□ 




B 




6. Investigation; evidentiary trial 


□ 




□ 




rn 


□ 






B. Ethics and professionalism 


□ 




n 


□ 


□ 


m 


□ 




1. Ethical decision-making 


□ 


m 


□ 


run 


□ 


□ 


□ 
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Table 6: Information Systems Courses 



COMPUTER SECURITY CONCEPl'S AND ISSUES 


IS 20001 


IS 3020 


IS 3170 


IS 31711 


IS 3502 


IS 4182 


IS 4183! 


IS 4185 


IS 4200 


IS 4300 


IS 4502 




2. Professional societies 






irn 




1 a. British Computer Society ] 






LH 


M 


u 


rn 


□ 








1 b. North America: DPMA and ICCP j 


□ 


MM 




M 


r 


□ 








c. Canada; CIPS and DPMA 






□ 


i 








1. CIPS 


□ 






+ 




□ 


m 








2. DPMA Canada 


n 


m 




+ 




□ 


□ 


□ 








d. Computer Professionals for Social Responsibility 




rr 


+ 


rr 


□ 


□ 


□ 








e. EDP Auditors Foundation 






+ 












3. National Computer Security Center 


□ 


m 




+ 










4. National Bureau of Standards 




rr 






□ 


m 








5. Certificate in Data Processing(CPC): Certified Information 




rr 


+ 


rr 


□ 










Systems Auditor (CISA) 


□ 




VI. CICA Computer Control Guidelines 


□ 


m 


□ 


! 


□ 


ni 




A. Accounting and auditing 


□ 








1 . Computer Control Guidelines 










a. Responsibility for Control 






rn 










b. Information Systems Development and Acquisition 




+ 


□ 










c. Information Systems Processing 


□ 


+ 










d. Segregation of Incompatible Functions and Controls 




□ 


+ 


M 
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COMPUTER SECURITY CONCEPTS AND ISSUES 


o 

o 


IS 30201 


IS 31701 


1S3171] 


IS 35021 


00 


IS4183I 


IS 41851 


IS 42001 


IS 43001 


IS 45'^ 


e. Application Controls 




n 


n 


n 


□ 


+ 


n 


n 


r 


n 


n 










2. Information systems audit 


□ 


m 


□ 




□ 


n 


r 








1 a. Security review objectives j 


n 


n 






n 


m 


m 








b. Specific security controls 


n 


rr 


+ 


n 


m 


m 








c. Security review process 


□ 


□ 


m 


□ 


Q 


n 


□ 


□ 


m 








d. Evidence accumulation 


n 


□ 


□ 


□ 


r 


B 


□ 


n 


□ 


n 


n 






e. Evaluation of test results 


r 


□ 




n 


n 


n 


n 


n 








f. Communication of control weaknesses 


□ 


□ 


m 


n 


+ 


m 
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APPENDIX B 

Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 



I. Overview 



o 


o 








o« 


Ov 


o 










CT! 


cn 


c/2 


U 


u 


U 


1 







A. Development of a Secunty Program 



1. Reason for a organizational security management policy 



a. Objectives 



1 . Identify sensitive systems/data 



H 



2. Security plan 



m 



3. Training 



b. Policies 



1. Written and communicated 



2. Board of directors responsibility 



3. DPMA model policy 



c. Connectivity, organizational structure, and security 



1 . Connectivity defined 



2. Effect on organizational structure 



3. Security considerations 



d. Plans 



1. Human resource management 



2. Access control 



3. Data control 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEIT'S AND ISSUES 



4. Labeling 



5. Contingency plan 



6. Legal responsibilities 



e. Responsibilities 



1. Board of Directors 



2. Board of Directors & senior management 



3. Middle management 



4. Users 



B. Risk Analysis 



L Reason 



m 



2. Typical contents 



3. Main purposes 



m 



C. Contingency Planning 



L Defined 



2. Backup 



3. Critical elements 



D. Legal Issues for Managers 



L Licenses 



2 , Fraud/misuse 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


CS 29701 


CS 30301 


CS 4601| 


3. Privacy | 


□ 






4. Copyright 

1 


□ 


[■ 


m 




5. Trade secrets 

i 


□ 


IB 






6. Employee agreements i 


□ 


M 


1 


E. System Validation & Verification (Accreditation) 


□ 


m 




1. Plan testing Hi 




2. Acceptance of responsibility 


IB 




F. Information Systems Audit 


m 




II. Risk Management 


m 




A. Asset Identification and Valuation 


m 




1. Processing valuation 


□ 


r 


m 




2. Risk management team 


rr 


g 






3. Classification of assets 


1 




4. Subclassification of assets 




a. People, skills, and procedures 


IB 




b. Physical and environmental p| 




c. Communications 


m 


g 




d. Hardware 




e. Software 


m 




f. Data and information 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 



o 

c/5 

U 



g. Goodwill 



5. Determining values for assets 



a. Acquired and intrinsic values 



1 

'1 



b. Purpose of assigning value to assets 



c. How to measure assets values 



d. Criticality and sensitivity 



1. Criticality: business impact, revenue losses 



m 



embarrassment, legal problems 



m 



2. Sensitivity: privacy, trade secrets, planning 



information, financial data 



3. Sources MIS, users, senior management 



4, Levels: military, national security, commercial 



m 



e. Asset valuation: standard accounting 



f. Asset valuation: replacement value 



I 

m 



g. Asset valuation: loss of availability 



h. Asset valuation: estimating methods 



6. Use of asset analysis results 



a. Limitations 



1. Lack of data 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEIT'S AND ISSUES 


CS 29701 


CS 30301 


CS 46011 


2. Interpretation 


□ 






B. Threat and Exposure Assessment 




1 . Threats, vulnerabilities, and exposures defined 


□1 




2. Methodologies for threat assessment 


MM 




a. Properties of threats 


rr 


m 




b. Properties of assets 


1 




c. Combining properties: the cost exposure matrix 






3. Probability concepts 


□ 


m 




a. Definitions 


■ 




b. Tables of probability values 


1 




c. Fuzzy metrics 


■ 




d. Expected values 




m 




e. Worst case 


■ 




f. Automated packages 


IB 




4. Sources of threat information 






a. Vulnerability analysis i§ 




b. Scenarios 




c. Past history 


g 




d. Outside Sources 


□ 




□ 


5. Calculating exposures 


□ 


H 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


CS 29701 


CS 30301 


CS 46011 




in. Safeguards: Security and Control Measures 








A. Overview of Safeguards 


□ 


□ 


r 




1. Common sense 


m 






2. Types of controls: prevention, detection, reaction 




a. Basic purpose of controls lH 




b. Prevention ||: 


m 




c. Detection [1^ 






d. Containment 


□ 


□ 


□ 




e. Reaction or correction 


□ 


□ 




3. Design strategies 


□ 


n 


□ 




a. Countermeasures 


□ 


■ 




b. Countermeasure selection 


□ 


1 




c. Sensitivity analysis 






d. Decision analysis 






e. Goal-seeking heuristics 






f. Risk perception and communication 


■ 




1 4. Components of EDP security 






a. Administrative and organizational controls 


□ 


□ 






b. Policies 


□ 


m 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 



c. Personnel 







o 




o 












c/5 


c/5 




U 


U 


L 







d. Physical and environmental security 



e. Computer operations 



f. Contingency planning 



5. Components of EDP security: technical 



1 



a. Communication and electronic exposures 



b. Hardware 



c. Encryption 



d. Software 



m 



B. Organizational and Administrative Controls 



1 



1. Trade secrets, employee agreements, conflict of interest 



2. Security policy 



a. Intent (related to sensitivity) 



b. Access to and distribution of information 



c. Laws 



d. Regulations 



e. Company policy 



f. Mandatory and discretionary security 



g. Accountability: identification, authentication, audit 



3. Responsibility areas. System Security Officer 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 



S: 



o 



U 



a. Basic role 



b. Duties 



c. Training and skills for a System Security Office 



4. Employee training 



a. Orientation 



b. Skills 



5. Telecommuting 



C. Personnel Consideration 



WM 



1. Human motives for criminal action 



2. Employee selection 



a. Application forms 



b. Permissions for investigations 



c. Security clearance and citizenship 



3. Professional certificates 



4. Working environment 



a. Vacations and job rotation 



b. Employee-management relations 



c. Career path planning 



d. Remuneration 
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Table 7: Computer Science Courses 



COMPUTER SECURITY C()NCEI»TS AND ISSUES 



5. Access nghis and privileges 



6. Prosecution for adverse actions 



7. Employee separadon 



D. Physical and Environmental Security 



1. Site location and construction 



a. Computer room considerations 



b. Special microcomputer problems 



2. Physical access 



a. Access vs. security 



b. Rooms, windows, doors, keys 



3. Power 



a. Spikes, surges, brownouts 



b. Costs of prevention/protection equipment 



4. Air-conditioning 



5. Water exposures and problems 



6. Fire prevention 



7. Fire protection 



8. Tape and media libraries; retention policies 



9. Waste disposal 



10. Off-site storage 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 


CS 29701 


Ioe 0 € S3 


CS 46011 




1 1 . Document libraries and controls 


m 


m 




E. Computer Operations 






1 . Organization of computer operations 


m 




a. Mainframes 


u 


u 


u 




b. Minicomputers 


□ 


□ 




c. Microcomputers/office automation 


□ 


□ 


□ 




2. Separation of duties 


□ 


□ 


□ 




3. Controls at interfaces 


□ 


□ 


□ 




4. Media controls 


□ 


□ 


□ 




5. Backup procedures 


□ 


□ 


H 




6. People controls 


□ 


□ 




F. Contingency Planning 


□ 


□ 




1. Backups and procedures 


□ 


m 




a. Data 




b. Manuals and documentation 


□ 


“H 




c. Equipment 


m 




1. Air conditioning 


m 


□ 




2. Uninterruptible power supply 




2. Catastrophe planning 


□ 


□ 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCErrS AND ISSUES 



a. Stages in a disaster 



[o 


o 








o 




o 


so 


(S 








c/2 


c/2 


U 


u 


U 


L 




n 



1 



b. Planning and response teams 



c. Testing plan 



m 



d. Communication of plan 



3. Security and controls in off-site backup and facilities 



4. Business and DP insurance 



5. Software escrow arrangements 



IV. Safeguards: Security and Control Measures, Technical 



A. Hackers and reality: Perception of Risk 






B. Communications and Electronic Exposures 



1. Locus of attack 



a. Terminals 



b. Hosts 



c. Front-end processors 



d. Gateways 



e. Links 



f. Switches (multiplexors, packet switching, etc.) 



g. Special problems with intelligent workstations 



2. Types of attack 



a. Passive: disclosure; traffic analysis; add/remove nodes 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 



ON i'O 



U 



b. Active: modification: insertion; deletion; replay 



3. Electronic 



a. Incoming: interruptions; static; FRI; EMP 



b. Outgoing: leakage 



c. Solutions: shielding 



4. Communications 



a. Value-added communications 



b. exposures incoming: noise and interference 



c. Exposures outgoing: interception, replacement 



d. Solution: physical measures 



e. Solutions: encryption 



f. ISO OS I communications standards 



5. Network design 



a. Design considerations 



1. Integration of countermeasures into network 



design: cryptographic checksum; time stamp; 



Bell/LaPadula model 



2. Integration of counteimeasures into protocol layers: 



link level encryption; end-to-end encryption 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEFFS AND ISSUES 



b. Assurance 



r- 

ON 

u 



1. Concept ot trust 



2. Degrees of trustworthiness 



3. Trusted network base 



4. Testing 



5. Formal specification 



6. Formal verification 



C. Encryption 



1. Definition (plaintext, ciphertext; encryption/decryption) 



2. Public key and private key 



3. Key distribution 



» 



4. Link level, end-to-end 



5. Block mode, cipher block chaining, stream ciphers 



m 



(synchronous and self-synchronous) 



6. DES, RSA 



7. Cryptanalysis and strength of ciphers (theoretically secure 



computationally secure) 



m 



8. Advantages and disadvantages 



D. Software and Operating System Controls 



1. Secure operating systems 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPrS AND ISSUES 


CS 29701 


o 

fn 

o 

c/2 

U 


CS 46011 




a. History | 


m 


m 




b. Concepts: capabilities, reference validations 




1. Secure kernels | 


■ 










2. Reference validations and capabilities 




I 










c. Present guidelines and standards, trusted computer base 


G 


+ 


g 










d. Design principles fro secure systems 










□ 


1. Least privilege 


C 


Hll 








□ 


2. Open design 


G 


m 








n 


3. Fail-safe defaults 


G 










□ 


4. Economy of mechanisms 


G 


DG 








□ 


5, Naturalness (human factors) 


G 


ET1 








□ 


6. Continuous protection 


BJ 








□ 


e. Common penetration methods and countermeasures 










1. Trojan horse; virus; worm; salami; piggyback; 


+ 


+ 


m 










deception; human compromise; etc. 










2. Controls on changes; audit trails; program library; 


+ 


1 










code comparison; checksums and encryption; 






vaccines and antiviral agents; access control: etc. 


□ 


m 




2. Access control 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 



a. Discretionary access control 



C45 

u 



1. Subjects and objects 



2. Access privileges 



3. Granting/revoking of privileges 



4. Access control lists 



5. Capabilities, descriptors 



6. Supervisor states, rings, domains 



b. Non-discretionary access control 



1. Labels on subjects, objects 



2. Rules for reading, writing 



3. Software Controls: Development 



a. The real problem: bugs 



b. Software engineering principles: layering, modularity 



c. Structured methods 



d. Formal specification and verification 



e. Program library/librarian 



f. Data dictionary as a control 



g. Conversion and implementation 



4, Software controls: Maintenance 



a. Separation of duties 



wn 
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Table 7: Computer Science Courses 



COMrUTER SECURITY CONCEITS AND ISSUES 




CS 30301 


CS 46011 




b. Testing controls 


-h 


□ 


□ 









c. Change control 


Sd 




5. Assurance 






D 




a. Integrity 


[i 






b. Testing 




1 






c. Specification/verification 


+ 


□ 


m 








(1. Facility management 


□ 


□ 


□ 




e. Disaster/contingency 


m 


□ 




f. Compliance/degree of trust 


m 




E. Database systems security 


□ 


□ 




1. Overview 


m 




a. Review of basic concepts of information protection 


IW 




b. Role of information protection in database systems 




2. Threats 




a. Direct disclosure of data H 




b. Modification of data/tampering with data 




c. Inference [H 




d. Aggregation 


1 


1 


e. Trojan horse 


IB 





67 




Table 7; Computer Science Courses 



COMI'UTER SECURITY CONCErfS AND ISSUES 


CS 29701 


CS 30301 


CS 46011 


f. Coven disclosure of data 


□ 


□ 


m 




3. Policy/mechanism 


□ 


n 




a. Policy versus mechanism | 


M 


u 




b. Access controls 


□ 


n 




1 . Access right and privileges 


11 




2. Access control policies 


□ 




3. Granularity 


□ 




4. Labels 


□ 




5. Access control mechanisms p|i 




c. Inference controls 


m 


1 


d. Integrity controls 


□ 




1. Integrity policy 


IH 




2. Integrity mechanisms 


□ 




e. Accountability controls 






1 . Identification and authentication 






2. Audit 






4. Design issues 


□ 




a. Protection Approaches 






1. Trusted kernel 


LIB 




2. Trusted filter 
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Table 7: Computer Science Courses 



COMPUTKR SECURITY C()NCEI*TS AND ISSUES 



o 

t-- 

c/5 

U 



3. Encryption 



1 



b. Performance 



1 



c. Storage 



d. Access control vs. integrity 



e. Assurance 



V, Legal Environment and Professionalism 



A, Law and legislation 



1. The underlying problem 



m 



a. Theft, copying software, privacy 



b. Fraud 



c. Physical abuse 



d. Misuse of information 



e. Sabotage 



2. Laws as tools for computer security 



a. Privacy laws and legislation 



b. Intellectual property laws 



1. Copyright law 



m 



2. Trade secret law 



3. Patent law 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPrS AND ISSUES 



4. Trademark law 



c. Federal laws (esp. Computer Security Act 1987) 



d. State statutes 



e. DPMA Model Computer Crime Bill 



f. Computer crime legislation in other countries 



3. Legislation as legal options to control computer crime 



a. License agreements (consumer license agreements) 



b. permanent license agreements 



c. Intellectual property rights 



d. Employee non-disclosure considerations 



e. Contracts 



1 . Software development contracts 



2. Legal aspects of software purchasing 



3. Leasing contracts 



f. Warranties for software and hardware 



4. Control of strategic materials 



5. Fraud and crime prevention and detection 



6. Investigation; evidentiary trial 



B. Ethics and professionalism 



o 


o 




r- 




o 


CN 


o 










:/5 


c/3 


C/3 




U 








ii 



1 



i 



II 



1 



1 . Ethical decision-making 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPTS ANI) ISSUES 



O 

r- 

n 

c/3 

U 



o 

so 

cr 

U 



2. Professional societies 



a. British Computer Society 



b. North America* DPMA and ICCP 



c, Canada: CIPS and DPMA 



L CIPS 



2. DPMA Canada 



d. Computer Professionals for Social Responsibility 



e. EDP Auditors Foundation 



m 



3. National Computer Security Center 



4. National Bureau of Standards 



m 



5. Certificate in Data Processing(CPC); Certified Information 



Systems Auditor(CISA) 



VI. CICA Computer Control Guidelines 



A. Accounting and auditing 



1 . Computer Control Guidelines 



a. Responsibility for Control 



b. Information Systems Development and Acquisition 



c. Information Systems Processing 



d. Segregation of Incompatible Functions and Controls 
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Table 7: Computer Science Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 



e. Application Controls 



c/: 

U 



2. Information systems audit 



1 



a. Security review objectives 



m 



b. Specific security controls 



c. Security review process 



a 

n 



d. Evidence accumulation 



e. Evaluation of test results 



m 



f. Communication of control weaknesses 
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APPENDIX C 

Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEI*TS AND ISSUES 


o 

r- 


EO 2750 1 


EO 3750 1 


u 


L Overview 




□ 


□ 








A. Development of a Security Program | 


— 




1. Reason for a organizational security management policy 


m 








a. Objectives ' 








1. Identify sensitive systems/data 


□ 








2. Security plan | 








3. Training 


□ 


□ 








b. Policies 










1. Written and communicated 










2. Board of directors responsibility 


□ 








3. DPMA model policy 


m 


□ 








c. Connectivity, organizational structure, and security 








1. Connectivity defined 










2. Effect on organizational structure 


□ 








3. Security considerations 


□ 


□ 


□ 








d. Plans 


m 


□ 








1. Human resource management 


□ 








2. Access control 








3. Data control 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 


o 

O 


EO 2750 1 


EO 3750 1 


CM 31121 






4. Labeling 








5. Contingency plan 








6. Legal responsibilities 


m 


— 




e. Responsibilities 








1 . Board of Directors | 


□ 








2. Board of Directors & senior management | 








3. Middle management 








4. Users 








B. Risk Analysis 








1 . Reason 


m 








2. Typical contents 


m 








3. Main purposes 








C. Contingency Planning 








1 . Defined 










2. Backup 










3. Critical elements 








D. Legal Issues for Managers 


□ 








1. Licenses 








2. Fraud/misuse 


□ 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEI»TS AND ISSUES 


o 

o 


EO 2750 1 


EO3750I 


CM3112I 


3. Privacy 




□ 


□ 








4. Copyright 


□ 


m 






— 1 


5. Trade secrets 








6. Employee agreements 








E. System Validation & Verification (Accreditation) 








1. Plan testing 








2. Acceptance of responsibility 


m 








F. Information Systems Audit 


m 








II. Risk Management 








A. Asset Identification and Valuation 










1. Processing valuation 


m 








2. Risk management team 


□ 


m 








3. Classification of assets 








4. Subclassification of assets 










a. People, skills, and procedures 








b. Physical and environmental 


□ 








c. Communications 








d. Hardware 


□ 




1 




e. Software 


□ 




1 




f. Data and information 


□ 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY C()NCE1*TS AND ISSUES 


EO 2710 
“EO 2750 


EO 3750 1 


CM 31121 






g. Goodwill 








5. Determining values for assets 








a. Acquired and intrinsic values Y 








b. Purpose of assigning value to assets 








c. How to measure assets values 








d. Criticality and sensitivity 


m 








L Criticality: business impact, revenue losses 








embarrassment, legal problems 


□ 








2. Sensitivity: privacy, trade secrets, planning 


m 


□ 








information, financial data 


□ 








3. Sources MIS, users, senior management 








4. Levels: military, national security, commercial 








e. Asset valuation: standard accounting 








f. Asset valuation: replacement value 


□ 


□ 








g. Asset valuation: loss of availability 


m 








h. Asset valuation: estimating methods 


m 








6. Use of asset analysis results 








a. Limitations 








1. Lack of data 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEI*TS AND ISSUES 


o 

r- 

n 


EO 2750 1 


EO 3750 1 


CM 31121 


2. Interpretation 




□ 


□ 








B. Threat and Exposure Assessment 








1. Threats, vulnerabilities, and exposures defined 


n 








2. Methodologies for threat assessment 


n 




1 




a. Properties of threats 


□ 


□ 








b. Properties of assets 


n 








c. Combining properties: the cost exposure matrix 


□ 


m 








3. Probability concepts i 


□ 


m 








a. Definitions | 


□ 


m 








b. Tables of probability values 1 










c. Fuzzy metrics 


m 








d. Expected values 










e. Worst case 


□ 


m 








f. Automated packages 








4. Sources of threat information 








a. Vulnerability analysis 










b. Scenarios 










c. Past history 










d. Outside Sources 








5. Calculating exposures 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEFfS AND ISSUES 


o 

r- 

w 


o 

O' 


EO 3750 1 


CM 31121 




— 


III. Safeguards: Security and Control Measures ] | 


□ 






A. Overview of Safeguards ] | 


IN 




□ 




1. Common sense 




□ 


□ 


1 






2. Types of controls: prevention, detection, reaction 




□ 


— 








a. Basic purpose of controls 


+ 


[T 












b. Prevention 


+ 


□ 


□ 












c. Detection 


+ 














d. Containment 


+ 














e. Reaction or correction 


+ 














3. Design strategies 


m 


□ 












a. Countermeasures 


+ 


□ 


□ 












b. Countermeasure selection 


+ 


□I 












c. Sensitivity analysis 








d. Decision analysis 


m 








e. Goal-seeking heuristics 


[T1 








f. Risk perception and communication 








4. Components of EDP security 








a. Administrative and organizational controls 








b. Policies 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


EO 2710 1 


o 

m 

O 


EO 3750 1 


CM 31121 


c. Personnel 


□ 




□ 








d. Physical and environmenud security 








e. Computer operations 








f. Contingency planning 










5. Components of EDP security: technical 












a. Communication and electronic exposures 


+ 


[T 












b. Hardware 
















c. Encryption 


+ 


□ 


□ 












d. Software 


+ 


□I 












B. Organizational and Administrative Controls 


□ 










1 . Trade secrets, employee agreements, conflict of interest 


m 








2. Security policy 


□ 


m 






Q 


a. Intent (related to sensitivity) 


□ 


n 


□ 




b. Access to and distribution of information 


□ 


□ 








c. Laws 










d. Regulations 








e. Company policy 










f. Mandatory and discretionary security 


□ 


□ 








g. Accountability: identification, authentication, audit 


□ 








3. Responsibility areas. System Security Officer 


m 


□ 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEPrS AND ISSUES 


EO 27101 


EO 2750 1 


EO 3750 1 


CM 31121 






a. Basic role 


□ 








b. Duties 


- 




c. Training and skills for a System Security Office 








4. Employee training | | 


M 








a. Orientation 








b. Skills j 


LM 






B 


5. Telecommuting 


□ 


m 




C. Personnel Consideration 






B 


1 . Human motives for criminal action 






2. Employee selection 


m 








a. Application forms 


□ 


□ 








b. Permissions for investigations 


m 








c. Security clearance and citizenship 


□ 








3. Professional certificates 


m 








4. Working environment 








a. Vacations and job rotation 








b. Employee-management relations 


□ 


□ 








c. Career path planning 


□ 








d. Remuneration 


m 
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Table 8: Electro-Optical and Communication Courses 



COMFUTER SECURITY CONCEIT'S AND ISSUES 


o 

o 

' j : 


EO 2750 1 


EO 3750 1 


CM 31121 


5. Access rights and privileges 




□ 


□ 








6. Prosecution for adverse actions 


□ 


— 




7. Employee separation 


□ 


□ 








D. Physical and Environmental Security j 


□ 


□ 








1. Site location and construction [ | 


M 


U 








a. Computer room considerations 


r 


n 








b. Special microcomputer problems 


□ 


□ 








2, Physical access 


□ 


□ 








a. Access vs. security 


□ 


□ 








b. Rooms, windows, doors, keys 


□ 


□ 








3. Power 


m 








a. Spikes, surges, brownouts 








b. Costs of prevention/protection equipment 








4. Air-conditioning 


m 








5. Water exposures and problems 








6. Fire prevention 








7. Fire protection 


m 








8. Tape and media libraries; retention policies 


□ 








9. Waste disposal 








10. Off-site storage 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEPl'S AND ISSUES 


EG 27101 


EO 2750 1 


EO 3750 1 


s 

u 






11. Document libraries and controls 








1 E. Computer Operations I 


n 


n 


n 


— 




1. Organization of computer operations i 








a. Mainframes 


m 


n 








b. Minicomputers 


□ 








c. Microcomputers/office automation 


m 


n 








2. Separation of duties 


m 


□ 








3. Controls at interfaces 


m 


□ 








4. Media controls 


m 


□ 








5. Backup procedures 


□ 








6. People controls 


□ 








F. Contingency Planning 








1 . Backups and procedures 


□ 








a. Data 


□ 








b. Manuals and documentation 










c. Equipment 








1. Air conditioning 








2. Uninterruptible power supply 








2. Catastrophe planning 


□ 


m 




^ 1 





82 




Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


O 

r- 

O 


EO 2750 1 


EO 3750 1 


CM 31121 


a. Stages in a disaster 




□ 


□ 








b. Planning and response teams 








' c. Testing plan 








[ d. Communication of plan | ] 


M 


U 








3. Security and controls in off-site backup and facilities j 


□ 








j 4. Business and DP insurance j 


M 


u 








5. Software escrow arrangements 








IV* Safeguards: Security and Control Measures, Technical 


□ 


□ 


□ 








A. Hackers and reality: Perception of Risk 


m 


□ 


1 






B. Communications and Electronic Exposures 


□ 


□ 


□ 








1. Locus of attack 





a. Terminals 



b. Hosts 



c. Front-end processors 



d. Gateways 



e. Links 



f. Switches (multiplexors, packet switching, etc,) 



g. Special problems with intelligent workstations 



2. Types of attack 



a. Passive: disclosure; traffic analysis; add/remove nodes 



83 




Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCErfS AND ISSUES 


o 

r- 

n 

2 


EO 2750 1 


o 

r- 

fTi 

c 


CM 31121 




trr 




b. Active: modification; insertion; deletion; replay | 






3. Electronic 


□ 












a. Incoming: interruptions; static; FRl; EMP 


+ 


□ 


□ 


1 










b. Outgoing: leakage 


+ 


□ 


□ 


1 










c. Solutions: shielding 


+ 


□: 


P 










4. Communications 


U 


□ 










a. Value-added communications 


+ 


□ 


□ 








b. exposures incoming: noise and interference 


+ 




B 








c. Exposures outgoing: interception, replacement 






1 








B 


d. Solution: physical measures 




□ 


□ 










e. Solutions: encryption | 


+ 


1 


I 








B 


f. ISO OSI communications standards 


+ 


□ 


□ 






5. Network design 


□ 








a. Design considerations 








B 


1. Integration of countermeasures into network 


□ 




design: cryptographic checksum; time stamp; 


□ 


□ 








BdVLaPadula model 


□ 






B 


2. Integration of countermeasures into protocol layers: 


□ 




link level encryption; end-to-end encryption 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEFFS AND ISSUES 


o 

r- 

w 


EO 2750 1 


EO 37501 


CM 31121 


b. Assurance 


□ 


□ 








1. Concept of trust j 


□ 








2. Degrees of trustworthiness j 


□ 








3. Trusted network base ( 

1 


□ 








4. Testing 


n 


— 




5. Formal specification i 


□ 


n 








6. Formal verification 


□ 


□ 


□ 








C. Encryption 


□ 


□ 


□ 






■ 






1. Definition (plaintext, ciphertext; encryption/decryption) 


□ 


□ 


1 



2. Public key and private key 



3. Key distribution 



4. Link level, end-to-end 



5. Block mode, cipher block chaining, stream ciphers 




(synchronous and self-synchronous) 



6. DES, RSA 



7. Cryptanalysis and strength of ciphers (theoretically secure 



1 



computationally secure) 



8. Advantages and disadvantages 



m. 



D. Software and Operating System Controls 



1 . Secure operating systems 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEI’TS AND ISSUES 


o 

O 


EO 2750 1 


o 

C 


CM 31121 


I 




a. History 


IT 








b. Concepts: capabilities, reference validations 










1. Secure kernels 








2. Reference validations and capabilities 


m 









c. Present guidelines and standards, trusted computer base 










d. Design principles fro secure systems 








1. Least privilege 








2. Open design 








3. Fail-safe defaults 


□ 








4. Economy of mechanisms 








5. Naturalness (human factors) 








6. Continuous protection 


m 








e. Common penetration methods and countermeasures 


m 








1. Trojan horse; virus; worm; salami; piggyback; 


m 








deception: human compromise; etc. 


□ 








2. Controls on changes; audit trails; program library; 








code comparison; checksums and encryption; 


m 








vaccines and antiviral agents; access control; etc. 








2. Access control 


m 




1 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 


EO 27101 


EO 2750 1 


EO 3750 1 


s 

u 


a. Discretionary access control 


□ 


□ 


□ 








1. Subjects and objects | 


rn 








2. Access privileges | 






^ 




3. Granting/revoking of privileges j 


□ 


□ 








4. Access control lists 


n 








5. Capabilities, descriptors 




□ 








6. Supervisor states, rings, domains 


□ 


□ 








b. Non-discretionary access control 


□ 








1. Labels on subjects, objects 


□ 








2. Rules for reading, writing 


□ 








3. Software Controls: Development 








a. The real problem: bugs 


□ 


□ 


□ 








b. Software engineering principles: layering, modularity 


m 








c. Structured methods 








d. Formal specification and verification 


m 


□ 








e. Program library/librarian 






1 




f. Data dictionary as a control 


m 


□ 








g. Conversion and implementation 








4. Software controls: Maintenance 








a. Separation of duties 


□ 


□ 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY C()NCEI»TS AND ISSUES 


o 

r-- 

w 


EO 2750 1 


EO 37501 


S 

u 






b. Testing controls 








c. Change control 


□ 


□ 


□ 








5. Assurance 










a. Integrity 








b. Testing 








c. Specification/verification 


u 


□ 








d. Facility management 


□ 


□ 








e. Disaster/contingency 


m 








f. Compliance/degree of trust 


m 








E. Database systems security 


m 








1. Overview 


m 








a. Review of basic concepts of information protection 


m 








b. Role of information protection in database systems 


m 


□ 








2. Threats 


□ 








a. Direct disclosure of data 










b. Modification of data/tamp)ering with data 










c. Inference 


m 


□ 








d. Aggregation 


m 


□ 








e. Trojan horse 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEIT'S AND ISSUES 


o 

O 


EO 2750 1 


o 

V) 

r- 

w 


CM 31121 


f. Coven disclosure of data 




□ 










3. Policy/mechanism 


□ 


□ 


n 








a. Policy versus mechanism 


□ 




1 




1 b. Access controls j 


U 


□ 






1 1 . Access right and privileges 


□ 


□ 








2. Access conu-ol policies 


□ 


n 








3. Granularity 


□ 


n 








4. Labels 


□ 


□ 








5. Access control mechanisms 


□ 


□ 








c. Inference controls 


□ 


□ 








d. Integrity controls 


m 








1. Integrity policy 


m 








2, Integrity mechanisms 


m 


□ 








e. Accountability controls 


□ 


□ 








1. Identification and authentication 








2. Audit 


m 








4. Design issues 








a. Protection Approaches 


n 


□ 




] 




1. Trusted kernel 


□ 








2. Trusted filter 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


o 

n 

O 


EO 2750 1 


EO 3750 1 


CM 31121 






3. Encryption | [ 


□ 








b. Pertbrmance 


n 








c. Storage j 


n 


n 








d. Access control vs. integrity i 








e. Assurance | 


□ 








V. Legal Environment and Professionalism 


LLU 








A. Law and legislation 








1. The underlying problem 








a. Theft, copying software, privacy 








b. Fraud 








c. Physical abuse 








d. Misuse of information 








e. Sabotage 








2. Laws as tools for computer security 


□ 


□ 








a. Privacy laws and legislation 








b. Intellectual property laws 


□ 


□ 








1. Copyright law 








2. Trade secret law 








3. Patent law 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEIT’S AND ISSUES 


EO 27101 


o 
C < 


KO 3750 1 


S 

u 


4. Trademark law 


□ 




□ 








c. Federal laws (esp. Computer Security Act 1987) 


□ 








d. State statutes | 








e. DPMA Model Computer Crime Bill | 


□ 








f. Computer crime legislation in other countries 


□ 








3. Legislation as legal options to control computer crime 


□ 








a. License agreements (consumer license agreements) 


m 


□ 








b. permanent license agreements 










c. Intellectual property rights 










d. Employee non-disclosure considerations 








e. Contracts 








1 . Software development contracts 


□ 








2. Legal aspects of software purchasing 


□ 








3. Leasing contracts 








f. Warranties for software and hardware 








4. Control of strategic materials 








5. Fraud and crime prevention and detection 








6. Investigation; evidentiary trial 








B. Ethics and professionalism 


□ 








1. Ethical decision-making 


m 


□ 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEITS AND ISSUES 


o 

O 


Oi 

V) 

Oi 


O 

IT) 

rn 

C' 

u 


u 






2. Professional societies I 


m 








a. British Computer Society | 








b. North America; DPMA and ICCP 








c. Canada; CIPS and DPMA 


m 


□ 








1. OPS 


□ 


m 








2. DPMA Canada 


M 


LM 








d. Computer Professionals for Social Responsibility 


□ 


□ 








e. EDP Auditors Foundation 


m 


□ 








3. National Computer Security Center 


□ 


□ 


□ 








4. National Bureau of Standards 










5. Certificate in Data Processing(CPC): Certified Information 


m 


□ 








Systems Auditor(CISA) 










VI. CICA Computer Control Guidelines 










A. Accounting and auditing 


□ 


m 








1. Computer Control Guidelines 








a. Responsibility for Control 








b. Information Systems Development and Acquisition 








c. Information Systems Processing 








d. Segregation of Incompatible Functions and Controls 
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Table 8: Electro-Optical and Communication Courses 



COMPUTER SECURITY CONCEPTS AND ISSUES 


o 

r- 


EO 2750 1 


o 

IT) 

O 


CM3112I 


e. Application Controls 




□ 










2. Information systems audit ] 




□ 








a. Security review objectives 








b. Specific security controls 


m 


□ 









c. Security review process | 


□ 








d. Evidence accumulation 


m 


□ 








e. Evaluation of test results 




□ 








f. Communication of control weaknesses 


m 


□ 
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